Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

2024-08-29...il.exe

windows7-x64

6

2024-08-29...il.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-08-29_7579555177f0851d82b416c87e4f809d_bkransomware_hijackloader_revil

  • Size

    15.7MB

  • Sample

    240829-n9tpvszhlf

  • MD5

    7579555177f0851d82b416c87e4f809d

  • SHA1

    04998bfed4c632fb42b4be4c52b1b04964b7ad37

  • SHA256

    be2f54f7285dd05c6054b6560e4576d88e699c858ffd6daa2da3017cb1e6a9ea

  • SHA512

    ed820f9921006213a6aa9e394814e0d7163c4db314fb349b020551cffe32605d26108d119a47c38a9999af40153c781bd17428c1b9ec0b450c6a5d612945003c

  • SSDEEP

    196608:PfEkDV4aV49RjOF5hK9TMICeEnE5rigt/a4PKKOjw+dLnWaKxYfRNrcAGTeOSKxS:3gs09TMJeEnEQoKgaKxYpSAP87w5Fz

Score
6/10
discovery

Malware Config

Targets

    • Target

      2024-08-29_7579555177f0851d82b416c87e4f809d_bkransomware_hijackloader_revil

    • Size

      15.7MB

    • MD5

      7579555177f0851d82b416c87e4f809d

    • SHA1

      04998bfed4c632fb42b4be4c52b1b04964b7ad37

    • SHA256

      be2f54f7285dd05c6054b6560e4576d88e699c858ffd6daa2da3017cb1e6a9ea

    • SHA512

      ed820f9921006213a6aa9e394814e0d7163c4db314fb349b020551cffe32605d26108d119a47c38a9999af40153c781bd17428c1b9ec0b450c6a5d612945003c

    • SSDEEP

      196608:PfEkDV4aV49RjOF5hK9TMICeEnE5rigt/a4PKKOjw+dLnWaKxYfRNrcAGTeOSKxS:3gs09TMJeEnEQoKgaKxYpSAP87w5Fz

    Score
    6/10
    discovery

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks